Secure device communication via consumable components

ABSTRACT

A consumable can be used to securely send data to devices. A security platform can produce a consumable, for example an ink cartridge, with data to be uploaded onto a device, such as a printer. If the consumable and device can perform a successful authentication, broadcast data can be delivered to the device via the consumable. Such techniques can help ensure that authentic consumables are being used in authentic devise. Further, such techniques can enable a licensing model where different consumables can be configured with different data to enable or disable different features of the device.

FIELD OF THE INVENTION

This present disclosure relates to securely communicating with devicesvia a consumable.

BACKGROUND

One way to communicate with a device is through a network connection.Uses of the network connection include delivering data, monitoringusage, or remotely operating the device. However, for devices that donot have a network connection, it can be difficult to perform theaforementioned tasks. As a result, these devices may be operated andused in unsafe or undesirable scenarios. Once the devices withoutnetwork connections are deployed, the supplier may have no way tointeract with the devices, and may not be able to perform actions suchas fixing security patches, updating revocation lists (e.g. to revokesecurity credentials), performing remote maintenance and configurations,monitoring for security issues, and monitoring for predictivemaintenance.

Furthermore, suppliers often rely on recurrent revenue from sellingconsumables used by the devices they supply. In the case of printers,printer suppliers rely on repeated purchases of new ink cartridges, orrefilling used, authentic cartridges, for additional revenue. In thisscenario the printer being the device (not connected to any type ofnetwork) and the ink cartridge being the consumable. Since inkcartridges can be easily cloned or replicated, printer suppliers needways to determine whether cartridges installed in printers are authenticcartridges or clones.

In light of the above mentioned problems, there is a need for suppliersto be able to interact with devices they have sold, leased, or otherwiseprovided to an end user even if the devices are not connected to anetwork. There is also a need for printer suppliers to ensure thatauthentic ink cartridges are used in the devices.

SUMMARY

The present disclosure describes a method for securing a devicecomprising: loading, by a security system, data into a consumable, thedata including security data and broadcast data; communicativelycoupling the consumable to the device; performing an authenticationbetween the consumable and the device using the security data in theconsumable; and in a case that the authentication is successful,uploading the broadcast data from the consumable to the device.

One aspect of the present disclosure further comprises, in the case thatthe authentication is unsuccessful, disabling one or more features of atleast one of the device and the consumable.

Another aspect of the present disclosure further comprises, uploadingdevice data from the device to the consumable.

Another aspect of the present disclosure further comprises, directingthe device, using the security data, to enable one or more features ofthe device.

Another aspect of the present disclosure further comprises, directingthe device, using the security data, to disable one or more features ofthe device.

In another aspect of the present disclosure, the broadcast data includessoftware update data.

In another aspect of the present disclosure, the security data includesan authorization token.

In another aspect of the present disclosure, the consumable is abattery.

In another aspect of the present disclosure, the device is a printer.

In another aspect of the present disclosure, the security data includesa consumable revocation list.

The present disclosure also describes a consumable device comprising:circuitry configured to, store data, the data including security dataand broadcast data; perform an authentication between the consumable anda device using the security data in the consumable when the consumableand the device are communicatively coupled together; and in a case thatthe authentication is successful, upload the broadcast data from theconsumable to the device.

In another aspect of the present disclosure, the circuitry is furtherconfigured to, in the case that the authentication is unsuccessful,upload additional security data to the device to disable one or morefeatures of at least one of the device and the consumable.

In another aspect of the present disclosure, the circuitry is furtherconfigured to, receive device data from the device.

In another aspect of the present disclosure, the circuitry is furtherconfigured to, direct the device, using the security data, to enable oneor more features of the device.

In another aspect of the present disclosure, the circuitry is furtherconfigured to, direct the device, using the security data, to disableone or more features of the device.

In another aspect of the present disclosure, the broadcast data includessoftware update data.

In another aspect of the present disclosure, the security data includesan authorization token.

In another aspect of the present disclosure, the consumable is abattery.

In another aspect of the present disclosure, the device is a printer.

In another aspect of the present disclosure, the security data includesa consumable revocation list.

BRIEF DESCRIPTION OF DRAWINGS

A more complete appreciation of the invention and many of the attendantadvantages thereof will be readily obtained as the same becomes betterunderstood by reference to the following detailed description whenconsidered in connection with the accompanying drawings, wherein:

FIG. 1 is a block diagram of a security platform for device informationexchange via a consumable according to aspects of the presentdisclosure;

FIG. 2 is an algorithmic flowchart of producing and using a consumablefor securely exchanging data according to aspects of the presentdisclosure;

FIG. 3 is an algorithmic flowchart of producing a consumable accordingto aspects of the present disclosure;

FIG. 4 is an algorithmic flowchart of attaching a consumable to a devicefor exchanging data between the consumable and the device according toaspects of the present disclosure;

FIG. 5 is an algorithmic flowchart of returning a consumable foranalysis by a security platform according to aspects of the presentdisclosure;

FIG. 6 is a hardware diagram of a security platform according to aspectsof the present disclosure;

FIG. 7 is a hardware diagram of a consumable according to aspects of thepresent disclosure;

FIG. 8 is a hardware diagram of a device according to aspects of thepresent disclosure; and

FIG. 9 is a workflow diagram of device communication via a consumableaccording to aspects of the present disclosure.

DETAILED DESCRIPTION

This disclosure is directed to a system and method for using consumablesto deliver information to and from devices. For simplicity and brevity,the example of an ink cartridge (consumable) and a printer (device) areused to explain some of the embodiments. However, one of ordinary skillin the art will recognize that the techniques mentioned herein can beapplied to other devices that use consumables. For example, batteriesmay be used to deliver information to and from a battery powered device,or light bulbs may be used to deliver information to and from a lightingsystem.

Referring now to the drawings, FIG. 1 is a high level overview of asecurity platform 100, consumable 110, and device 120 according to someembodiments. The security platform 100 can generate and upload data thatis to be delivered to the device 120 onto the consumable 110, such assecurity data and broadcast data. In another embodiment, the securityplatform 100 can be located at and operated by an authorized vendor ofthe consumable 110. Then, the consumable 110 can be attached to thedevice 120. Once attached, the data within the consumable can bedelivered to the device 120 by the consumable 110. The device 120 canalso upload device data onto the consumable 110, such as field data.When the consumable 110 is returned to the security platform 100, thisdevice data uploaded onto the consumable 110 from the device 120 can bestored and processed by the security platform 100.

Using the example of an ink cartridge and a printer, an authorizedvendor of the ink cartridge can upload data onto the ink cartridge. Whenthe ink cartridge is installed in the printer, the ink cartridge candeliver data to the printer, and the printer can upload data to the inkcartridge. Once depleted, the ink cartridge can be returned to theauthorized vendor (e.g. for recycling or refilling), where device datadelivered from the printer to the ink cartridge can be collected andanalyzed by the authorized vendor.

The described embodiment advantageously allows data to be delivered todevices without a network connection. Security data can also be usedbetween the consumable and device to perform an authentication, ensuringthat authentic, authorized consumables are used in the device. Alicensing model is also provided, where consumables are able to enableor disable one or more features of the device. For example, depending onthe consumable that the user acquires, different data can be uploadedonto the device to enable or disable different features. As oneimplementation, a subcontractor can order one or more licenses, and thesecurity platform 100 can deliver or update a license dongle with theordered licenses onto each consumable 110. Using the example of an inkcartridge and a printer, data can be uploaded onto the ink cartridge toenable or disable high resolution printing depending on the licenseacquired by the user.

FIG. 2 is a method 200 for delivering data using consumables accordingto an embodiment. At step S210, a consumable, such as consumable 110, isproduced. This includes configuring the consumable 110 with data, suchas broadcast data and security data to be delivered to a device, such asdevice 120, by a security platform, such as security platform 100. Atstep S220, the consumable 110 is attached to the device and theconsumable 110 exchanges data with the device 120. This exchangingincludes the consumable 110 delivering the broadcast data and securitydata to the device 120, as well as the device 120 delivering device datato the consumable 110. At step S230 the consumable 110 is returned. Theconsumable 110 is returned to the security platform 100 for analyzingthe device data, recycling the consumable 110, or replenishing theconsumable 110. As one of ordinary skill will recognize, the consumable110 does not have to be returned, such that the communication ofinformation is one-way, without departing from the scope of the presentdisclosure.

FIG. 3 is a method 300 for an embodiment of producing a consumable 110as mentioned in S210. The method 300 begins in S311 by obtaining dataparameters. The data parameters are used to determine what data toconfigure onto the consumable 110 (and ultimately be delivered to thedevice 120). For example, if the consumable 110 is an ink cartridge,data parameters to be obtained can include the requested ink color,number of ink cartridges to be purchased, the device 120 model, and thefeatures they'd like to unlock on the device 120.

The next step S312 is generating broadcast data using the dataparameters obtained in S311. This broadcast data can include the datathat is to be delivered to the device 120, such as software update data(e.g. a list to revoke specific consumable id or range, a criticalfirmware fix to be installed, a specific counter measure to be executed,a specific configuration data to be applied, a predictive maintenance tobe done).

The next step S313 is generating security data. The security data isused to ensure that a legitimate consumable 110 is being attached to alegitimate device 120. This security data includes data to perform anauthentication between the consumable and the device, such as anauthorization token. For example, the consumable 110 can be programmedwith an authorization token bound to its secret identity and generatedby the security platform 100, such as an oAuth token signed with asecret asymmetric key only known into a security platform hardwaresecurity module (HSM). oAuth (e.g. oAuth 2.0) is an authorizationprotocol that enables secure designated access by using authorizationtokens to provide an identity between the consumable 110 and the device120. The authorization token can also have time validity information,such as a start of validity time in an acceptable range.

Furthermore, the security data also includes information to authorizeusage of specific device 120 features or forbid usage of specific devicefeatures. For example, a consumable that a user paid a higher price forcan have security data that unlocks all the features of a device 120,whereas a consumable 110 that a user paid a lower price for can unlockless than all the features of a device 120. Note that in otherembodiments, S313 can be performed before S312, or at the same time asS312.

Moreover, the security data can also include a consumable revocationlist (CRL), such as a public key infrastructure (PKI) certificaterevocation list, of consumables 110 that are revoked (i.e. cannot havefull access to the device 120). The CRL can be fully or incrementallyupdated into the device 120 using one or more consumables 110, where theCRL is then used to blacklist and revoke suspicious consumables 110.

The next step S314 is uploading the broadcast data from S312 andsecurity data from S313 onto one or more consumables 110. The data isuploaded onto a secure element housed in the consumable 110. In oneembodiment, all the data is uploaded onto a single consumable 110. Inanother embodiment, the data can be split up and distributed across aplurality of consumables 110 for delivering data all at once, ordelivering data over time. For delivering data all at once, because somedevices 120, such as printers, accept multiple consumables 110 at a time(e.g. ink cartridge with black ink, ink cartridge with yellow ink, inkcartridge with cyan ink, and ink cartridge with magenta ink), some ofthe data is split up across the multiple consumables 110. For deliveringdata over time, additional data is uploaded onto the consumable 110 fromthe security platform 100, replacing some of the previously uploadeddata, each time the consumable 110 is replenished. Each time thereplenished consumable 110 is reinstalled into a device 120, additionaldata is delivered. The data is self-contained so that the device 120 canfunction even though it does not have all the data.

In step S315, the consumable 110 is filled. For example, if theconsumable 110 is an ink cartridge, the ink cartridge is be filled withink. After filling, the consumable is given to a user for use in thefield (e.g. home, office, library).

FIG. 4 is a method 400 for one embodiment of attaching the consumable110 to the device 120 and exchanging data as mentioned in S220. Thefirst step S421 is attaching the consumable 110 produced in method 300onto a device 120. For example, an ink cartridge can be installed onto aprinter.

The next step S422 is performing an authentication between theconsumable 110 and the device 120, using the security data, to verifylegitimacy. The authentication can look like authentication of theconsumable 110 by the device 120, authentication of the device 120 bythe consumable 110, or a mutual authentication between both theconsumable 110 and the device 120. For instance, in the case that thedevice 120 authenticates the consumable 110, the device 120 checks thesecurity data uploaded onto the consumable 110 to verify theconsumable's 110 authenticity. Furthermore, secure elements in theconsumable 110 and the device 120 can be mutually authenticated usingasymmetric PKI based cryptography with unique per device or consumablesecrets. The authorization token with time validity information can alsobe compared with the local secure time of the device 120. In addition,the CRL security data can be broadcasted from the consumable 110 andupdated into the device 120, where in-turn, the device 120 can use theCRL to revoke suspicious consumables 110. Therefore, even if asubsequent consumable 110 is initially authenticated in S422, if it isblacklisted by the CRL, the authentication will fail and the consumable110 will be denied some or all access to the device 120.

The next step S423 is determining whether the authentication performedin S422 was successful. If S422 was successful, the next step is S424;if not, the next step is S425.

In S424, prior to uploading, a secure channel is setup between thedevice 120 and the consumable 110 to securely exchange data. Then, thebroadcast data and security data is uploaded from the consumable 110onto the device 120. As an example, this can be a printer cartridgeuploading a software update onto a printer. As another example, this canbe a printer cartridge enabling (i.e. unlocking) a 600 dots per inchresolution printing feature on a printer.

S425 includes disabling one or more features of the device 120. Thisdisabling disables the device 120 in some form, such as locking certainfeatures of the device 120, degrading certain features of the device120, uploading only a portion of the data, refusing to proceed, orrequiring a manual override. The command to force the device 120 into adisabled mode can come from the consumable 110 or the device 120. In thecase that the command comes from the consumable 110, this can beadditional security data uploaded onto the device 120 from theconsumable 110 after the authentication has failed. In the case that thecommand comes from the device 120, this can be the device 120 sending acontrol signal to disable one or more of its own features after theauthentication has failed.

According to one embodiment, in a scenario where the consumable 110 isnot successfully authenticated, the device 120 can disable usage of theconsumable 110. For instance, a printer can disable usage of theparticular ink cartridge (e.g. ink cartridge holding black ink) that wasnot successfully authenticated. According to another embodiment, in ascenario where the device 120 is not successfully authenticated, theconsumable 110 can disable itself. For example, a battery can refuse topower a device, or an ink cartridge can refuse to receive device datauploaded by the device 120.

After performing S424 or S425, S426 is generating and storing devicedata from the device 120 onto the consumable 110. This can be data to becommunicated between different devices 120 if the consumable 110 isgoing to be used for different devices 120. This can also be datarelated to monitoring data for security or predictive maintenance if theconsumable 110 is to be returned to the security platform 100. Examplesof device data can include consumable metadata, serial numbers, orderinginfo, and sub-contract certificates

FIG. 5 is a method 500 for one embodiment of returning the consumable110 as mentioned in S230. The first step S531 is returning theconsumable to the security platform 100. For example, when an inkcartridge is out of ink, the owner can return it to an authorizedsupplier of that particular ink cartridge model.

The next step S532 is uploading device data from the consumable 110 tothe security platform 100. The data for uploading can be that collectedduring S426 of method 400. The security platform 100 can be used forstoring and processing the uploaded device data in S532. In oneembodiment, this device data can be used for data driven decisionmaking. For example, a supplier noticing that particular features of thedevice 120 are used more frequently than others can utilize thatinformation to make more prudent business decisions.

S533 is to dispose of or reuse the consumable. In the case that theconsumable is disposed of, it can be disposed of in a way such thatconfidential data cannot be obtained by unauthorized users. In the casethat the consumable is reused, the consumable can be refilled and havenew or additional data uploaded onto it using a similar technique tothat described in method 300.

It can be appreciated that the above-mentioned methods can also beimplemented as a system. FIG. 6 shows an example of a security platform100. In one embodiment, the security platform 100 can be a self-servebooth where a user can obtain or return a consumable 110. The securityplatform 100 can include a processor 101, memory 102, user interface103, input/output (I/O) 104, printer ink 105, and consumable 110.

The processor 101 may be based on a reduced instruction set (RISC)circuit architecture, Von Neumann architecture, Harvard architecture, orany other processing circuit architecture that is known. The processor101 may also be implemented as a system on a chip, application specificintegrated circuit (ASIC), field programmable gate array (FPGA), or withdiscrete logic circuit components. The processor 101 may also beimplemented in software that is executed on processing circuitry havingany of the architectures described above. The processor 101 can beembedded a secure element for communicating with the consumable 110. Inone embodiment, the processor 101 can be configured to run all orportions of method 300 and/or 500.

The memory 102 can be used to store instructions and other data neededby the processor 101 in order to carry out various tasks in accordancewith aspects of the present disclosure. The memory 102 may includepermanent instructions that do not require changes, such as lower-levelroutines. The memory 102 may include a combination of random accessmemory and erasable programmable read only memory (EPROM) in order tostore programming instructions that may be periodically updated and datathat may change periodically or frequently during as the processor 101executes instructions.

The user interface 103 can enable a user to interface with the securityplatform 100, for example, to obtain data parameters. In one embodiment,the user interface 103 can include interfaces for peripheral devices,such as a mouse, keyboard, speaker, memory stick, secure digital (SD)card, a liquid crystal display, et cetera.

The I/O 104 can include circuitry for delivering data between thesecurity platform 100 and the consumable 110. The printer ink 105 canstore printer ink for filling up the consumable 110.

FIG. 7 shows an example of a consumable 110 represented as an inkcartridge. The consumable 110 can include a processor 111, memory 112,I/O 114, and printer ink storage 115.

The processor 111 may be based on a reduced instruction set (RISC)circuit architecture, Von Neumann architecture, Harvard architecture, orany other processing circuit architecture that is known. The processor111 may also be implemented as a system on a chip, application specificintegrated circuit (ASIC), field programmable gate array (FPGA), or withdiscrete logic circuit components. The processor 111 may also beimplemented in software that is executed on processing circuitry havingany of the architectures described above. The processor 111 can beembedded with a secure element for communicating with the device 120and/or security platform 100. In one embodiment, the processor 111 canbe configured to run all or portions of method 300, 400, and/or 500.

The memory 112 can be used to store instructions and other data neededby the processor 111 in order to carry out various tasks in accordancewith aspects of the present disclosure. The memory 112 may includepermanent instructions that do not require changes, such as lower-levelroutines. The memory 102 may include a combination of random accessmemory and erasable programmable read only memory (EPROM) in order tostore programming instructions that may be periodically updated and datathat may change periodically or frequently during as the processor 111executes instructions.

The I/O 114 can include circuitry for delivering data between thesecurity platform 100 and the consumable 110, as well as for deliveringdata between the device 120 and the consumable 110. The printer inkstorage 115 can hold ink, which can be consumed by the device 120.

FIG. 8 shows an example of a device 120 represented as a printer. Thedevice 120 can include a processor 121, memory 122, user interface 123,I/O 124, printing head 125, and consumable 110.

The processor 121 may be based on a reduced instruction set (RISC)circuit architecture, Von Neumann architecture, Harvard architecture, orany other processing circuit architecture that is known. The processor121 may also be implemented as a system on a chip, application specificintegrated circuit (ASIC), field programmable gate array (FPGA), or withdiscrete logic circuit components. The processor 121 may also beimplemented in software that is executed on processing circuitry havingany of the architectures described above. The processor 121 can beembedded with a secure element for communicating with the consumable110. In one embodiment, the processor 121 can be configured to run allor portions of method 400.

The memory 122 can be used to store instructions and other data neededby the processor 121 in order to carry out various tasks in accordancewith aspects of the present disclosure. The memory 122 may includepermanent instructions that do not require changes, such as lower-levelroutines. The memory 122 may include a combination of random accessmemory and erasable programmable read only memory (EPROM) in order tostore programming instructions that may be periodically updated and datathat may change periodically or frequently during as the processor 121executes instructions.

The user interface 123 can enable a user to interface with the device120. In one embodiment, the user interface 123 can include interfacesfor peripheral devices, such as a mouse, keyboard, speaker, memorystick, secure digital (SD) card, a liquid crystal display, et cetera.

The I/O 124 can include circuitry for delivering data between theconsumable 110 and the device 120. The printing head 125 can use inkfrom the printer ink storage 115 in the consumable 110 to performprinting tasks. The printing head 125 can also include one or moremotors for controlling the movement of the print head 125.

FIG. 9 is a workflow diagram according to one aspect. First, duringproduction, the security platform 100 generates and secures broadcastdata and an authorization token. Second, this broadcast data andauthorization token are configured onto a secure element in theconsumable 110. Third, a user takes this consumable 110 andcommunicatively couples it to a device 120. Once coupled, the secureelement in the consumable 110 and a secure element in the device 120 aremutually authenticated in each other (e.g. anti-clone, consumptionanti-replay, revocation list) using the authorization token to set up asecure channel for exchanging data between the consumable 110 and thedevice 120. The authorization token includes specific data to authorizeusage of specific features of the device 120. If the mutualauthentication is not successful, a secure channel is not set up, andthe device 120 or consumable 110 will refuse to proceed or enter into adisabled mode. Moreover, the device 120 generates and stores its owndata onto the secure element in the consumable 110. Fourth, theconsumable 110 is returned to the security platform 100 for analysis ofthe data stored on the consumable 110.

As previously mentioned, one can appreciate that the techniquesmentioned in this disclosure can be applied to a myriad of othersystems. The techniques mentioned herein can solve problems related toperforming authentications, identifying counterfeits, securely sendingdata via hardware, and licensing via hardware, all without needing anetwork connection. Additional examples of use cases can include: thedevice can be a shipping container and the consumable can be atemperature or humidity sensor; the device can be a vehicle (e.g.autonomous car, spaceship, boat) and the consumable can be a headlightor battery; the device can be medical equipment (e.g. PET scanner) andthe consumable can be a flash drive; the device can be a headset orspeakers, and the consumable can be a phone; the device can be a cameraand the consumable can be an SD card or battery; the device can be anamplifier, and the consumable can be an instrument; the device can be a3D printer, and the consumable can be filament; the device can be adisplay (e.g. TV), and the consumable can be a flash driver; the devicecan be a polaroid camera and the consumable can be polaroid film; thedevice can be a purifier (e.g. air, liquid) and the consumable can be afilter; the device can be a power tool (e.g. drill, angle grinder) andthe consumable can be a battery.

Those skilled in the art will also understand that there can be manyvariations made to the operations of the techniques explained abovewhile still achieving the same objectives of the invention. Suchvariations are intended to be covered by the scope of this disclosure.As such, the foregoing descriptions of embodiments of the invention arenot intended to be limiting. Rather, any limitations to embodiments ofthe invention are presented in the following claims.

Embodiments of the present disclosure may also be as set forth in thefollowing parentheticals.

(1) A method for securing a device comprising: loading, by a securitysystem, data into a consumable, the data including security data andbroadcast data; communicatively coupling the consumable to the device;performing an authentication between the consumable and the device usingthe security data in the consumable; and in a case that theauthentication is successful, uploading the broadcast data from theconsumable to the device.

(2) The method of (1) further comprising: in the case that theauthentication is unsuccessful, disabling one or more features of atleast one of the device and the consumable.

(3) The method of any (1) to (2) further comprising: uploading devicedata from the device to the consumable.

(4) The method of any (1) to (3), further comprising: directing thedevice, using the security data, to enable one or more features of thedevice.

(5) The method of any (1) to (4), further comprising: directing thedevice, using the security data, to disable one or more features of thedevice.

(6) The method of any (1) to (5), wherein the broadcast data includessoftware update data.

(7) The method of any (1) to (6), wherein the security data includes anauthorization token.

(8) The method of any (1) to (7), wherein the consumable is a battery.

(9) The method of any (1) to (8), wherein the device is a printer.

(10) The method of (1) to (9), wherein the security data includes aconsumable revocation list.

(11) A consumable device comprising: circuitry configured to, storedata, the data including security data and broadcast data; perform anauthentication between the consumable and a device using the securitydata in the consumable when the consumable and the device arecommunicatively coupled together; and in a case that the authenticationis successful, upload the broadcast data from the consumable to thedevice.

(12) The device of (11), wherein the circuitry is further configured to,in the case that the authentication is unsuccessful, upload additionalsecurity data to the device to disable one or more features of thedevice.

(13) The device of any (11) to (12), wherein the circuitry is furtherconfigured to, receive device data from the device.

(14) The device of any (11) to (13), wherein the circuitry is furtherconfigured to, direct the device, using the security data, to enable oneor more features of the device.

(15) The device of any (11) to (14), wherein the circuitry is furtherconfigured to, direct the device, using the security data, to disableone or more features of the device.

(16) The device of any (11) to (15), wherein the broadcast data includessoftware update data.

(17) The device of any (11) to (16), wherein the security data includesan authorization token.

(18) The device of any (11) to (17), wherein the consumable is abattery.

(19) The device of any (11) to (18), wherein the device is a printer.

(20) The device of any (11) to (19), wherein the security data includesa consumable revocation list.

What is claimed is:
 1. A method for securing a printer, comprising:generating a data item, the data item including security data andbroadcast data, wherein the security data includes an authorizationtoken and a cartridge revocation list, and the broadcast data includesat least one of a critical firmware fix, specific configuration data, orpredictive maintenance data; dividing the broadcast data into a firstportion and a second portion; loading, by a security system, the firstportion into a first cartridge and the second portion into a secondcartridge; coupling the first and second cartridges to the printer;performing an authentication between each of the first and secondcartridges and the printer using security information included in thefirst and second cartridges; and when the authentication is successful,uploading the first and second portions from the first and secondcartridges, respectively, to the printer to provide an entirety of thebroadcast data to the printer.
 2. The method of claim 1 furthercomprising: when the authentication is unsuccessful, disabling one ormore features of at least one of the printer and the first and secondcartridges.
 3. The method of claim 1 further comprising: uploadingprinter data from the printer to one of the first and second cartridges.4. The method of claim 1, further comprising: directing the printer,using the security data, to enable one or more features of the printer.5. The method of claim 1, further comprising: directing the printer,using the security data, to disable one or more features of the printer.6. A cartridge device, comprising: circuitry configured to store, in amemory of the cartridge device, a first portion of broadcast data of adata item, the data item including security data and the broadcast data,wherein the security data includes an authorization token and acartridge revocation list, and the broadcast data includes at least oneof a critical firmware fix, specific configuration data, or predictivemaintenance data; perform an authentication between the cartridge deviceand a printer using security information included in the cartridgedevice when the cartridge device and the printer are coupled together;and when the authentication is successful, upload the first portion ofthe data item from the cartridge device to the printer, wherein a secondportion of the broadcast data is included in another cartridge devicecommunicatively coupled to the printer, and the first and secondportions stored in the cartridge device and the other cartridge devicetogether form an entirety of the broadcast data to be uploaded to theprinter.
 7. The device of claim 6, wherein the circuitry is furtherconfigured to when the authentication is unsuccessful, upload additionalsecurity data to the printer to disable one or more features of theprinter.
 8. The device of claim 6, wherein the circuitry is furtherconfigured to receive printer data from the printer.
 9. The device ofclaim 6, wherein the circuitry is further configured to direct theprinter, using the security data, to enable one or more features of theprinter.
 10. The device of claim 6, wherein the circuitry is furtherconfigured to direct the printer, using the security data, to disableone or more features of the printer.